Role Overview
We are seeking an experienced and hands-on SOC Operations Technical Lead to lead a team of SOC Analysts operating in a 24/7/365 environment.
This is a senior, technically focused leadership role within our Managed Security Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio.
While you will lead and mentor a team, this is not a purely managerial role. You will remain deeply involved in technical delivery, acting as an escalation point, leading complex investigations, and continuously improving SOC capabilities.
Key Responsibilities
Team Leadership & SOC Operations
* Lead day-to-day SOC operations across all shifts, ensuring consistent 24/7 coverage
* Manage shift schedules, handovers, and on-call rotations
* Act as the primary escalation point for security incidents and analyst queries
* Ensure high-quality triage, investigation, and response aligned to SOC processes
* Drive team development through training, coaching, and technical mentoring
* Ensure accurate and timely case management (HALO) and delivery against SLAs
Technical Leadership & Continuous Improvement
* Provide expert guidance on threat detection, incident response, and threat hunting
* Lead escalations for complex or high-severity incidents across client environments
* Develop and optimise detection rules, playbooks, and automation
* Improve SOC tooling (SIEM, EDR/XDR, SOAR) and operational processes
* Design and maintain advanced detection use cases and correlation logic
Client Engagement & Consulting
* Act as a trusted advisor to clients, supporting security reviews and incident analysis
* Translate technical findings into clear, actionable recommendations
* Support continuous improvement of client security posture
Collaboration
* Work closely with Threat Intelligence, Engineering, and Incident Response teams
* Enhance detection capability through intelligence sharing and tool optimisation
* Align processes to strengthen overall security operations effectiveness
Strategic Contribution
* Identify opportunities to enhance MSSP services and capabilities
* Monitor emerging threats, technologies, and industry trends
* Ensure compliance with regulatory standards and internal frameworks
Skills & Experience
Essential
* 7+ years in Security Operations, including 3-4 years in a senior/lead SOC role
* Strong hands-on experience with:
* SIEM (e.g. Microsoft Sentinel, CrowdStrike)
* EDR/XDR (e.g. CrowdStrike, Microsoft Defender, Carbon Black)
* SOAR and threat intelligence platforms
* Proven expertise in threat hunting and incident response
* Experience developing and tuning detection rules in multi-tenant environments
* Strong automation skills to improve SOC efficiency
* Excellent client-facing and communication skills
Desirable
* Certifications such as CISSP, GIAC (GCIH, GCIA, GREM), SC-200 or SC-300
* Experience in cloud security operations
* Background in MSSP or consulting environments
* Familiarity with frameworks such as NIST, ISO27001, or ITIL
Key Competencies
* Strong technical depth with the ability to simplify complex concepts
* Excellent analytical and problem-solving skills under pressure
* Confident communicator with strong stakeholder engagement skills
* Collaborative leadership style with a focus on mentoring and development
* Ability to manage multiple priorities in a fast-paced SOC environment
JBRP1_UKTJ